daemon: automatically set network EnableIPv6 if needed

[akerouanton]

- What I did

PR #45759 added a validation step to NetworkCreate to ensure no IPv6 subnet could be set on a network if its EnableIPv6 parameter is false.

Before that, the daemon was accepting such request but was doing nothing with the IPv6 subnet.

This validation step is now deleted, and we automatically set EnableIPv6 if an IPv6 subnet was specified.

[thaJeztah]

oh! can you remove the fix from the commit message? (otherwise it may automatically close the PR)

for the PR #45759, I generally refer to the commit that introduced something (which allows finding back the original change separate from GitHub) - but for those, I then add a link to the PR in the PR description on GitHub (so not in the commit message).

[thaJeztah]

code LGTM otherwise 😄

[thaJeztah]

Overall this looks fine; starting to wonder now if we should have something that returns the IPAM config;

• ValidateIPAM also loops over all configs (including checking for IPv6)
• But the only thing returned is an error (i.e., we throw away some of the work)

We could have some function that handles the IPAM config, returns it (which may include setting some additional "runtime" data perhaps)

ipamConfig, err := foo.ParseIPAMConfig()

Or perhaps this should be a libnetwork.NetworkOptionIPAM(create.IPAM). We should update NetworkOption to return an error (maybe I already had something like that in one of my PRs), so that it can return an error if the option was invalid.

Eitherway; that's definitely fine to be looked at separately 😅

[akerouanton]

Or perhaps this should be a libnetwork.NetworkOptionIPAM(create.IPAM).

Nope, that's something I'd really like to prevent in the future. With a tighter integration between moby and libnetwork, we should instead put data validation / normalization closer to the API such that we can expect data to be valid early in the call stack. That should make it easier to build a mental model of what's going on. With that boundary, if we need to check the soundness of some data down the stack, it should only be for defensive reasons.

starting to wonder now if we should have something that returns the IPAM config;

IMO it's always harder to reason about some code that validate and mutate data at the same time. I don't expect Unless we've good reasons to tie both steps together, I'd prefer to stick with this implementation.

[thaJeztah]

LGTM

[thaJeztah]

oh! there's a build-failure somewhere;

api/types/network/ipam.go:1: : # github.com/docker/docker/api/types/network [github.com/docker/docker/api/types/network.test]
api/types/network/ipam_test.go:131:35: too many arguments in call to ValidateIPAM
	have (*IPAM, bool)
	want (*IPAM) (typecheck)
package network

[thaJeztah]

LGTM

[DerLinkman]

Hi!

So basically this PR ignores a set enable_ipv6: false value inside a docker-compose.yml?

Why does this option still exists then if it is ignored even if it is false?

Previously we could had the ipv6 subnet added to the docker-compose.yml and let our users decide if they want to and don't want to use ipv6, so they disabled it accordingly to our docs. Now they have to set the enable_ipv6 parameter to false and remove the ipv6 subnet from the network config?

With the new update to 25.0.0 our users with deactivated ipv6 now run into problems and they would have to modify their setup again.

Maybe this is a bug, that it is ignored at all?

Referencing: mailcow/mailcow-dockerized#5668

[thaJeztah]

@DerLinkman could you open a ticket with details? It helps tracking, as comments on PRs can easily get overlooked / lost.